platform/external/busybox.git - Unnamed repository; edit this file 'description' to name the repository.

1 /* vi: set sw=4 ts=4: */
2 /*
3  * Licensed under GPLv2 or later, see file LICENSE in this source tree.
4  */
5
6 //usage:#define passwd_trivial_usage
7 //usage:       "[OPTIONS] [USER]"
8 //usage:#define passwd_full_usage "\n\n"
9 //usage:       "Change USER's password (default: current user)"
10 //usage:     "\n"
11 //usage:     "\n	-a ALG	Encryption method"
12 //usage:     "\n	-d	Set password to ''"
13 //usage:     "\n	-l	Lock (disable) account"
14 //usage:     "\n	-u	Unlock (enable) account"
15
16 #include "libbb.h"
17 #include <syslog.h>
18 #include <sys/resource.h> /* setrlimit */
19
20 static char* new_password(const struct passwd *pw, uid_t myuid, const char *algo)
21 {
22 	char salt[MAX_PW_SALT_LEN];
23 	char *orig = (char*)"";
24 	char *newp = NULL;
25 	char *cp = NULL;
26 	char *ret = NULL; /* failure so far */
27
28 	if (myuid != 0 && pw->pw_passwd[0]) {
29 		char *encrypted;
30
31 		orig = bb_ask_stdin("Old password: "); /* returns ptr to static */
32 		if (!orig)
33 			goto err_ret;
34 		encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
35 		if (strcmp(encrypted, pw->pw_passwd) != 0) {
36 			syslog(LOG_WARNING, "incorrect password for %s", pw->pw_name);
37 			bb_do_delay(LOGIN_FAIL_DELAY);
38 			puts("Incorrect password");
39 			goto err_ret;
40 		}
41 		if (ENABLE_FEATURE_CLEAN_UP)
42 			free(encrypted);
43 	}
44 	orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
45 	newp = bb_ask_stdin("New password: "); /* returns ptr to static */
46 	if (!newp)
47 		goto err_ret;
48 	newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
49 	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
50 	 && obscure(orig, newp, pw)
51 	 && myuid != 0
52 	) {
53 		goto err_ret; /* non-root is not allowed to have weak passwd */
54 	}
55
56 	cp = bb_ask_stdin("Retype password: ");
57 	if (!cp)
58 		goto err_ret;
59 	if (strcmp(cp, newp) != 0) {
60 		puts("Passwords don't match");
61 		goto err_ret;
62 	}
63
64 	crypt_make_pw_salt(salt, algo);
65
66 	/* pw_encrypt returns malloced str */
67 	ret = pw_encrypt(newp, salt, 1);
68 	/* whee, success! */
69
70  err_ret:
71 	nuke_str(orig);
72 	if (ENABLE_FEATURE_CLEAN_UP) free(orig);
73
74 	nuke_str(newp);
75 	if (ENABLE_FEATURE_CLEAN_UP) free(newp);
76
77 	nuke_str(cp);
78 	return ret;
79 }
80
81 int passwd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
82 int passwd_main(int argc UNUSED_PARAM, char **argv)
83 {
84 	enum {
85 		OPT_algo   = (1 << 0), /* -a - password algorithm */
86 		OPT_lock   = (1 << 1), /* -l - lock account */
87 		OPT_unlock = (1 << 2), /* -u - unlock account */
88 		OPT_delete = (1 << 3), /* -d - delete password */
89 		OPT_lud    = OPT_lock | OPT_unlock | OPT_delete,
90 	};
91 	unsigned opt;
92 	int rc;
93 	const char *opt_a = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
94 	const char *filename;
95 	char *myname;
96 	char *name;
97 	char *newp;
98 	struct passwd *pw;
99 	uid_t myuid;
100 	struct rlimit rlimit_fsize;
101 	char c;
102 #if ENABLE_FEATURE_SHADOWPASSWDS
103 	/* Using _r function to avoid pulling in static buffers */
104 	struct spwd spw;
105 	char buffer[256];
106 #endif
107
108 	logmode = LOGMODE_BOTH;
109 	openlog(applet_name, 0, LOG_AUTH);
110 	opt = getopt32(argv, "a:lud", &opt_a);
111 	//argc -= optind;
112 	argv += optind;
113
114 	myuid = getuid();
115 	/* -l, -u, -d require root priv and username argument */
116 	if ((opt & OPT_lud) && (myuid != 0 || !argv[0]))
117 		bb_show_usage();
118
119 	/* Will complain and die if username not found */
120 	myname = xstrdup(xuid2uname(myuid));
121 	name = argv[0] ? argv[0] : myname;
122
123 	pw = xgetpwnam(name);
124 	if (myuid != 0 && pw->pw_uid != myuid) {
125 		/* LOGMODE_BOTH */
126 		bb_error_msg_and_die("%s can't change password for %s", myname, name);
127 	}
128
129 #if ENABLE_FEATURE_SHADOWPASSWDS
130 	{
131 		/* getspnam_r may return 0 yet set result to NULL.
132 		 * At least glibc 2.4 does this. Be extra paranoid here. */
133 		struct spwd *result = NULL;
134 		errno = 0;
135 		if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result) != 0
136 		 || !result /* no error, but no record found either */
137 		 || strcmp(result->sp_namp, pw->pw_name) != 0 /* paranoia */
138 		) {
139 			if (errno != ENOENT) {
140 				/* LOGMODE_BOTH */
141 				bb_perror_msg("no record of %s in %s, using %s",
142 					name, bb_path_shadow_file,
143 					bb_path_passwd_file);
144 			}
145 			/* else: /etc/shadow does not exist,
146 			 * apparently we are on a shadow-less system,
147 			 * no surprise there */
148 		} else {
149 			pw->pw_passwd = result->sp_pwdp;
150 		}
151 	}
152 #endif
153
154 	/* Decide what the new password will be */
155 	newp = NULL;
156 	c = pw->pw_passwd[0] - '!';
157 	if (!(opt & OPT_lud)) {
158 		if (myuid != 0 && !c) { /* passwd starts with '!' */
159 			/* LOGMODE_BOTH */
160 			bb_error_msg_and_die("can't change "
161 					"locked password for %s", name);
162 		}
163 		printf("Changing password for %s\n", name);
164 		newp = new_password(pw, myuid, opt_a);
165 		if (!newp) {
166 			logmode = LOGMODE_STDIO;
167 			bb_error_msg_and_die("password for %s is unchanged", name);
168 		}
169 	} else if (opt & OPT_lock) {
170 		if (!c)
171 			goto skip; /* passwd starts with '!' */
172 		newp = xasprintf("!%s", pw->pw_passwd);
173 	} else if (opt & OPT_unlock) {
174 		if (c)
175 			goto skip; /* not '!' */
176 		/* pw->pw_passwd points to static storage,
177 		 * strdup'ing to avoid nasty surprizes */
178 		newp = xstrdup(&pw->pw_passwd[1]);
179 	} else if (opt & OPT_delete) {
180 		newp = (char*)"";
181 	}
182
183 	rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * 30000;
184 	setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
185 	bb_signals(0
186 		+ (1 << SIGHUP)
187 		+ (1 << SIGINT)
188 		+ (1 << SIGQUIT)
189 		, SIG_IGN);
190 	umask(077);
191 	xsetuid(0);
192
193 #if ENABLE_FEATURE_SHADOWPASSWDS
194 	filename = bb_path_shadow_file;
195 	rc = update_passwd(bb_path_shadow_file, name, newp, NULL);
196 	if (rc > 0)
197 		/* password in /etc/shadow was updated */
198 		newp = (char*) "x";
199 	if (rc >= 0)
200 		/* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */
201 #endif
202 	{
203 		filename = bb_path_passwd_file;
204 		rc = update_passwd(bb_path_passwd_file, name, newp, NULL);
205 	}
206 	/* LOGMODE_BOTH */
207 	if (rc < 0)
208 		bb_error_msg_and_die("can't update password file %s", filename);
209 	bb_info_msg("Password for %s changed by %s", name, myname);
210
211 	/*if (ENABLE_FEATURE_CLEAN_UP) free(newp); - can't, it may be non-malloced */
212  skip:
213 	if (!newp) {
214 		bb_error_msg_and_die("password for %s is already %slocked",
215 			name, (opt & OPT_unlock) ? "un" : "");
216 	}
217
218 	if (ENABLE_FEATURE_CLEAN_UP)
219 		free(myname);
220 	return 0;
221 }
222
1	/* vi: set sw=4 ts=4: */
2	/*
3	* Licensed under GPLv2 or later, see file LICENSE in this source tree.
4	*/
5
6	//usage:#define passwd_trivial_usage
7	//usage: "[OPTIONS] [USER]"
8	//usage:#define passwd_full_usage "\n\n"
9	//usage: "Change USER's password (default: current user)"
10	//usage: "\n"
11	//usage: "\n -a ALG Encryption method"
12	//usage: "\n -d Set password to ''"
13	//usage: "\n -l Lock (disable) account"
14	//usage: "\n -u Unlock (enable) account"
15
16	#include "libbb.h"
17	#include <syslog.h>
18	#include <sys/resource.h> /* setrlimit */
19
20	static char* new_password(const struct passwd pw, uid_t myuid, const char algo)
21	{
22	char salt[MAX_PW_SALT_LEN];
23	char orig = (char)"";
24	char *newp = NULL;
25	char *cp = NULL;
26	char ret = NULL; / failure so far */
27
28	if (myuid != 0 && pw->pw_passwd[0]) {
29	char *encrypted;
30
31	orig = bb_ask_stdin("Old password: "); /* returns ptr to static */
32	if (!orig)
33	goto err_ret;
34	encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
35	if (strcmp(encrypted, pw->pw_passwd) != 0) {
36	syslog(LOG_WARNING, "incorrect password for %s", pw->pw_name);
37	bb_do_delay(LOGIN_FAIL_DELAY);
38	puts("Incorrect password");
39	goto err_ret;
40	}
41	if (ENABLE_FEATURE_CLEAN_UP)
42	free(encrypted);
43	}
44	orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
45	newp = bb_ask_stdin("New password: "); /* returns ptr to static */
46	if (!newp)
47	goto err_ret;
48	newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
49	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
50	&& obscure(orig, newp, pw)
51	&& myuid != 0
52	) {
53	goto err_ret; /* non-root is not allowed to have weak passwd */
54	}
55
56	cp = bb_ask_stdin("Retype password: ");
57	if (!cp)
58	goto err_ret;
59	if (strcmp(cp, newp) != 0) {
60	puts("Passwords don't match");
61	goto err_ret;
62	}
63
64	crypt_make_pw_salt(salt, algo);
65
66	/* pw_encrypt returns malloced str */
67	ret = pw_encrypt(newp, salt, 1);
68	/* whee, success! */
69
70	err_ret:
71	nuke_str(orig);
72	if (ENABLE_FEATURE_CLEAN_UP) free(orig);
73
74	nuke_str(newp);
75	if (ENABLE_FEATURE_CLEAN_UP) free(newp);
76
77	nuke_str(cp);
78	return ret;
79	}
80
81	int passwd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
82	int passwd_main(int argc UNUSED_PARAM, char **argv)
83	{
84	enum {
85	OPT_algo = (1 << 0), /* -a - password algorithm */
86	OPT_lock = (1 << 1), /* -l - lock account */
87	OPT_unlock = (1 << 2), /* -u - unlock account */
88	OPT_delete = (1 << 3), /* -d - delete password */
89	OPT_lud = OPT_lock \| OPT_unlock \| OPT_delete,
90	};
91	unsigned opt;
92	int rc;
93	const char *opt_a = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
94	const char *filename;
95	char *myname;
96	char *name;
97	char *newp;
98	struct passwd *pw;
99	uid_t myuid;
100	struct rlimit rlimit_fsize;
101	char c;
102	#if ENABLE_FEATURE_SHADOWPASSWDS
103	/* Using _r function to avoid pulling in static buffers */
104	struct spwd spw;
105	char buffer[256];
106	#endif
107
108	logmode = LOGMODE_BOTH;
109	openlog(applet_name, 0, LOG_AUTH);
110	opt = getopt32(argv, "a:lud", &opt_a);
111	//argc -= optind;
112	argv += optind;
113
114	myuid = getuid();
115	/* -l, -u, -d require root priv and username argument */
116	if ((opt & OPT_lud) && (myuid != 0 \|\| !argv[0]))
117	bb_show_usage();
118
119	/* Will complain and die if username not found */
120	myname = xstrdup(xuid2uname(myuid));
121	name = argv[0] ? argv[0] : myname;
122
123	pw = xgetpwnam(name);
124	if (myuid != 0 && pw->pw_uid != myuid) {
125	/* LOGMODE_BOTH */
126	bb_error_msg_and_die("%s can't change password for %s", myname, name);
127	}
128
129	#if ENABLE_FEATURE_SHADOWPASSWDS
130	{
131	/* getspnam_r may return 0 yet set result to NULL.
132	* At least glibc 2.4 does this. Be extra paranoid here. */
133	struct spwd *result = NULL;
134	errno = 0;
135	if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result) != 0
136	\|\| !result /* no error, but no record found either */
137	\|\| strcmp(result->sp_namp, pw->pw_name) != 0 /* paranoia */
138	) {
139	if (errno != ENOENT) {
140	/* LOGMODE_BOTH */
141	bb_perror_msg("no record of %s in %s, using %s",
142	name, bb_path_shadow_file,
143	bb_path_passwd_file);
144	}
145	/* else: /etc/shadow does not exist,
146	* apparently we are on a shadow-less system,
147	* no surprise there */
148	} else {
149	pw->pw_passwd = result->sp_pwdp;
150	}
151	}
152	#endif
153
154	/* Decide what the new password will be */
155	newp = NULL;
156	c = pw->pw_passwd[0] - '!';
157	if (!(opt & OPT_lud)) {
158	if (myuid != 0 && !c) { /* passwd starts with '!' */
159	/* LOGMODE_BOTH */
160	bb_error_msg_and_die("can't change "
161	"locked password for %s", name);
162	}
163	printf("Changing password for %s\n", name);
164	newp = new_password(pw, myuid, opt_a);
165	if (!newp) {
166	logmode = LOGMODE_STDIO;
167	bb_error_msg_and_die("password for %s is unchanged", name);
168	}
169	} else if (opt & OPT_lock) {
170	if (!c)
171	goto skip; /* passwd starts with '!' */
172	newp = xasprintf("!%s", pw->pw_passwd);
173	} else if (opt & OPT_unlock) {
174	if (c)
175	goto skip; /* not '!' */
176	/* pw->pw_passwd points to static storage,
177	* strdup'ing to avoid nasty surprizes */
178	newp = xstrdup(&pw->pw_passwd[1]);
179	} else if (opt & OPT_delete) {
180	newp = (char*)"";
181	}
182
183	rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * 30000;
184	setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
185	bb_signals(0
186	+ (1 << SIGHUP)
187	+ (1 << SIGINT)
188	+ (1 << SIGQUIT)
189	, SIG_IGN);
190	umask(077);
191	xsetuid(0);
192
193	#if ENABLE_FEATURE_SHADOWPASSWDS
194	filename = bb_path_shadow_file;
195	rc = update_passwd(bb_path_shadow_file, name, newp, NULL);
196	if (rc > 0)
197	/* password in /etc/shadow was updated */
198	newp = (char*) "x";
199	if (rc >= 0)
200	/* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */
201	#endif
202	{
203	filename = bb_path_passwd_file;
204	rc = update_passwd(bb_path_passwd_file, name, newp, NULL);
205	}
206	/* LOGMODE_BOTH */
207	if (rc < 0)
208	bb_error_msg_and_die("can't update password file %s", filename);
209	bb_info_msg("Password for %s changed by %s", name, myname);
210
211	/if (ENABLE_FEATURE_CLEAN_UP) free(newp); - can't, it may be non-malloced /
212	skip:
213	if (!newp) {
214	bb_error_msg_and_die("password for %s is already %slocked",
215	name, (opt & OPT_unlock) ? "un" : "");
216	}
217
218	if (ENABLE_FEATURE_CLEAN_UP)
219	free(myname);
220	return 0;
221	}
222